Added int casts on POST variables in PayPal Checkout
TheCartpenter committed Jun 2, 2024
1 parent e34302b commit 3c0d226
Showing 2 changed files with 14 additions and 14 deletions.
4 changes: 2 additions & 2 deletions upload/admin/controller/extension/payment/paypal.php
Expand Up @@ -2957,7 +2957,7 @@ public function createTracker() {

$this->load->model('extension/payment/paypal');

$order_id = $this->request->post['order_id'];
$order_id = (int)$this->request->post['order_id'];
$country_code = $this->request->post['country_code'];
$tracking_number = $this->request->post['tracking_number'];
$carrier_name = $this->request->post['carrier_name'];
Expand Down Expand Up @@ -3092,7 +3092,7 @@ public function cancelTracker() {

$this->load->model('extension/payment/paypal');

$order_id = $this->request->post['order_id'];
$order_id = (int)$this->request->post['order_id'];
$tracking_number = $this->request->post['tracking_number'];

$paypal_order_info = $this->model_extension_payment_paypal->getPayPalOrder($order_id);
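Review bot: In `createTracker()` and `cancelTracker()` the new `(int)` cast is applied to `$this->request->post['order_id']` without checking that the key is present and holds a valid integer, so a missing or non-numeric value silently becomes `0` (and an array value becomes `0` or `1`) and, in `cancelTracker()`, is handed to `getPayPalOrder()` instead of being rejected. Validating before use would make bad input fail explicitly: `$order_id = filter_var($this->request->post['order_id'] ?? null, FILTER_VALIDATE_INT);` followed by an error response when the result is `false`. The cast also covers only `order_id`; `country_code`, `tracking_number` and `carrier_name` are still read as posted, and whether they reach a query or the PayPal API is outside these hunks, so they may need their own validation. Both function bodies continue beyond the lines shown.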
24 changes: 12 additions & 12 deletions upload/catalog/controller/extension/payment/paypal.php
Expand Up @@ -1183,7 +1183,7 @@ public function approveOrder() {

if ($page_code != 'checkout') {
if (isset($this->request->post['paypal_order_id'])) {
$this->session->data['paypal_order_id'] = $this->request->post['paypal_order_id'];
$this->session->data['paypal_order_id'] = (int)$this->request->post['paypal_order_id'];
} else {
$data['url'] = $this->url->link('checkout/cart', '', true);

Expand Down Expand Up @@ -1504,7 +1504,7 @@ public function approveOrder() {

if (!$paypal_order_info) {
if (!empty($this->request->post['paypal_order_id'])) {
$paypal_order_id = $this->request->post['paypal_order_id'];
$paypal_order_id = (int)$this->request->post['paypal_order_id'];
}

if (($payment_type == 'card') && !empty($paypal_order_id)) {
Expand Down Expand Up @@ -3281,12 +3281,12 @@ public function confirmPaymentAddress() {
$this->session->data['payment_address']['address_2'] = $this->request->post['address_2'];
$this->session->data['payment_address']['postcode'] = $this->request->post['postcode'];
$this->session->data['payment_address']['city'] = $this->request->post['city'];
$this->session->data['payment_address']['country_id'] = $this->request->post['country_id'];
$this->session->data['payment_address']['zone_id'] = $this->request->post['zone_id'];
$this->session->data['payment_address']['country_id'] = (int)$this->request->post['country_id'];
$this->session->data['payment_address']['zone_id'] = (int)$this->request->post['zone_id'];

$this->load->model('localisation/country');

$country_info = $this->model_localisation_country->getCountry($this->request->post['country_id']);
$country_info = $this->model_localisation_country->getCountry((int)$this->request->post['country_id']);

if ($country_info) {
$this->session->data['payment_address']['country'] = $country_info['name'];
Expand Down Expand Up @@ -3338,12 +3338,12 @@ public function confirmShippingAddress() {
$this->session->data['shipping_address']['address_2'] = $this->request->post['address_2'];
$this->session->data['shipping_address']['postcode'] = $this->request->post['postcode'];
$this->session->data['shipping_address']['city'] = $this->request->post['city'];
$this->session->data['shipping_address']['country_id'] = $this->request->post['country_id'];
$this->session->data['shipping_address']['zone_id'] = $this->request->post['zone_id'];
$this->session->data['shipping_address']['country_id'] = (int)$this->request->post['country_id'];
$this->session->data['shipping_address']['zone_id'] = (int)$this->request->post['zone_id'];

$this->load->model('localisation/country');

$country_info = $this->model_localisation_country->getCountry($this->request->post['country_id']);
$country_info = $this->model_localisation_country->getCountry((int)$this->request->post['country_id']);

if ($country_info) {
$this->session->data['shipping_address']['country'] = $country_info['name'];
Expand Down Expand Up @@ -4407,9 +4407,9 @@ private function validatePaymentAddress() {

// Customer Group
if (isset($this->request->post['customer_group_id']) && is_array($this->config->get('config_customer_group_display')) && in_array($this->request->post['customer_group_id'], $this->config->get('config_customer_group_display'))) {
$customer_group_id = $this->request->post['customer_group_id'];
$customer_group_id = (int)$this->request->post['customer_group_id'];
} else {
$customer_group_id = $this->config->get('config_customer_group_id');
$customer_group_id = (int)$this->config->get('config_customer_group_id');
}

// Custom field validation
Expand Down Expand Up @@ -4463,9 +4463,9 @@ private function validateShippingAddress() {

// Customer Group
if (isset($this->request->post['customer_group_id']) && is_array($this->config->get('config_customer_group_display')) && in_array($this->request->post['customer_group_id'], $this->config->get('config_customer_group_display'))) {
$customer_group_id = $this->request->post['customer_group_id'];
$customer_group_id = (int)$this->request->post['customer_group_id'];
} else {
$customer_group_id = $this->config->get('config_customer_group_id');
$customer_group_id = (int)$this->config->get('config_customer_group_id');
}

// Custom field validation
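Review bot: The `(int)` cast on `paypal_order_id` in both `approveOrder()` hunks looks likely to corrupt the value rather than harden it: if this field carries the order identifier issued by PayPal, which is an alphanumeric string in PayPal's Orders API, the cast reduces it to its leading digits or to `0`, and the `!empty($paypal_order_id)` test in the second hunk then fails for card payments. Please confirm what the client posts here; if it is the PayPal identifier, keep it a string and validate its shape instead, for example `if (!is_string($id) || !preg_match('/^[A-Za-z0-9]+$/', $id)) { /* reject */ }`, with the pattern checked against PayPal's documented format. The integer casts on `country_id`, `zone_id` and `customer_group_id` in the later hunks are consistent with numeric keys and do not share this problem. `approveOrder()` extends well beyond the lines shown.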